Security News
Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure. "Easy to use from the command line with simple, understandable output, Prowler offers standard reporting formats like CSV and JSON, enabling users to thoroughly examine findings across any cloud provider, all in a uniform format. Its seamless integrations with Security Hub and S3 facilitate easy incorporation with other SIEMs, databases, and more. The ability to write custom checks and develop custom security frameworks is crucial for our expanding community," Toni de la Fuente, the creator of Prowler, told Help Net Security.
AI SPERA, a leader in Cyber Threat Intelligence-based solutions, today announced that Criminal IP ASM is now available on the Microsoft Azure Marketplace. Through this partnership, AI SPERA showcases Criminal IP ASM on the Microsoft Azure Marketplace in the security service listings.
Three new security vulnerabilities have been discovered in Azure HDInsight's Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for...
Organizations using Microsoft Azure will have access to confidential virtual machines in Azure on Dec. 1, allowing greater privacy and compliance. Confidential VMs:. SEE: Windows 10 users can now try out the AI assistant Microsoft Copilot.
Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI. The vulnerability was reported by security researchers with Palo Alto's Prisma Cloud. "Customers using the affected CLI commands must update their Azure CLI version to 2.53.1 or above to be protected against the risks of this vulnerability. This also applies to customers with log files created by using these commands through Azure DevOps and/or GitHub Actions."
Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Developed by Microsoft, it's a cloud-based automation service that allows users to automate the creation, deployment, monitoring, and maintenance of resources in Azure.
That's why we've partnered with the Microsoft Azure team to test CIS Hardened Images for Linux using Azure Monitor Agent. For context, Azure Monitor is a service that helps you evaluate the availability and performance of your applications and services in Microsoft Azure.
Hackers have been observed trying to breach cloud environments through Microsoft SQL Servers vulnerable to SQL injection. The attacks Microsoft observed start with exploiting an SQL injection vulnerability in an application in the target's environment.
Microsoft has unveiled Azure Update Manager, a SaaS tool tailored for enterprise clients to simplify the software update management process across different platforms. This tool represents an enhancement over the previous Azure Automation Update management solution. It empowers IT professionals to oversee software updates on Windows and Linux systems across Azure, on-premises, and multi-cloud settings.Azure Update Manager offers a suite of functionalities to IT administrators, enabling them to monitor the update compliance of their machines, whether they're based in Azure, on-premises, or other cloud infrastructures. Critical updates can be immediately deployed, ensuring systems remain secure. The tool also provides the capability to manage extended security updates for Azure Arc-enabled virtual machines. Furthermore, administrators have the option to schedule regular patching, determining specific time frames for the rollout of updates and system reboots.